Dedicated-mgmt interface : syslog and snmp not compliant with documentation

JackX · ‎11-10-2021

Hello,

I'm setting up a cluster of FG101F for a client and I'm having the following issues :

- syslog is not going out throught dedicated-mgmt interface. Instead, it uses a production interface to join the syslog server.

- snmp is going out throught dedicated-mgmt interface AND the production interface to join the snmp server.

And the documentation is crystal clear about it :

"By default SNMP trap and syslog/remote log should go out of a FortiGate from the dedicated management port"

https://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD39809

I tried it in 6.4.4, 6.4.6 and 6.4.7 to find the same behaviour. Anyone has an idea about it ?

Regards

Jacques

Markus · ‎11-10-2021

For syslog, you can try -> in syslogd settings -> set source ip -> if ip of Oob

________________________________________________________
--- NSE 4 ---
________________________________________________________

JackX · ‎11-10-2021

unfortunately not because when the mgmt interface is in dedicated-management mode it is put in some sort of OOB VDOM (but VDOM-mode is not activated on my unit)

DEPOT-FW1 (setting) # set source-ip 10.100.2.97 10.100.2.97 does not match any interface ip in vdom root.

Here is my problem...

I will open a case soon.

Regards

Jacques

Kangming · ‎11-10-2021

Technical Note: Sending messages (logs, SNMP, RADIUS) directly from HA management interface

https://kb.fortinet.com/k...=1%200%20263826864%27)

Thanks

Kangming

Dedicated-mgmt interface : syslog and snmp not compliant with documentation

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website